Showing papers on "Cyberwarfare published in 2017"

Tallinn Manual on the International Law applicable to Cyber Warfare: prepared by the International Group of Experts at the Invitation of the NATO Cooperative Cyber Defence Centre of Excellence

Abstract: Tallinn Manual 2.0 expands on the highly influential first edition by extending its coverage of the international law governing cyber operations to peacetime legal regimes. The product of a three-year follow-on project by a new group of twenty renowned international law experts, it addresses such topics as sovereignty, state responsibility, human rights, and the law of air, space, and the sea. Tallinn Manual 2.0 identifies 154 'black letter' rules governing cyber operations and provides extensive commentary on each rule. Although Tallinn Manual 2.0 represents the views of the experts in their personal capacity, the project benefitted from the unofficial input of many states and over fifty peer reviewers.

Cyber-Extremism: Isis and the Power of Social Media

Abstract: The current crises in Syria has led to a number of Britons travelling abroad to fight with groups such as Isis. Capitalising on this growth, Isis are now increasingly fighting an online cyber war, with the use of slick videos, online messages of hate and even an app that all aim to radicalise and create a new generation of cyber jihadists. These modern day tools are helping Isis spread their propaganda and ideology to thousands of online sympathisers across the world. Indeed, the group has actively been using social media sites such as Twitter, Facebook and YouTube to recruit new would be members. This is being done through images and the streaming of violent online viral videos filmed and professionally edited that are targeting young and impressionable people. Portraying a glamorised and ‘cool’ image, Isis fighters are beginning to act as the new rock stars of global cyber jihad. The Internet therefore is becoming the virtual playground for extremist views to be reinforced and act as an echo chamber. This study analysed 100 different Facebook pages and 50 Twitter user accounts which generated over 2050 results and helped the author create a typology of seven key behaviour characteristics and motivations. The findings in this study confirmed the author’s original hypothesis, i.e. online hate is being used by groups such as Isis for a variety of reasons such as recruitment and propaganda. Moreover, this material is coordinated and controlled by Isis as a means for publishing and sending out key messages.

‘Cumulative Deterrence’ as a New Paradigm for Cyber Deterrence

Abstract: This article suggests that there is a paradigm crisis in the sub-field of cyber deterrence. Cyber deterrence is evolving slowly and unpromisingly as a strategic tool in both theory and practice, mostly due to the ill-fitting theoretical framework and underlining assumptions it borrows from the absolute-nuclear-deterrence context. Therefore, this article suggests replacing the accepted yet inadequate paradigm of absolute deterrence with a better-fitting restrictive-cumulative-deterrence paradigm that draws on the Israeli approach to deterrence, introducing it into the cyber domain. The article further criticizes the current discourse in the field, including some ‘common knowledge’ (mis)understandings of cyberspace and the ways it affects the possibility of deterrence.

The Tallinn Manual 2.0: Highlights and Insights

Abstract: Malicious cyber activities are pervasive in the lives of individuals and in the national security discussions of national governments across the globe. It is rare to have a day pass without some cyber event reaching the national news. These malicious cyber activities are attributed to both States and non-State actors such as transnational criminal groups, terrorist organizations, and individuals. In response to this widespread phenomenon, including a specific major cyber incident in Estonia in 2007, the Cooperative Cyber Defense Center of Excellence in Tallinn Estonia hosted a multi-year process designed to provide the views of a group of renowned Experts on the application of international law to cyber activities. The first Tallinn Manual dealt with the law applicable to armed conflict. The second, and recently published, Tallinn Manual (known as Tallinn 2.0) deals with a much more broad level of cyber operations – all those not part of armed conflict. This article briefly summarizes the key points in the Tallinn Manual 2.0, including identifying some of the most important areas of non-consensus among the Experts who wrote the Manual. The article then offers some insights into where international law on cyber operations will need to go in the future.

Cyberwarfare and Digital Governance

Abstract: Dyn suffered multiple complex DDoS attacks in October 2016, constituting one of the largest cyberattacks of this nature ever documented. With this and other recent events in mind, the authors discuss conceptual and practical challenges around cyberwarfare and its impact on cyberspace governance.

Stateless Attribution: Toward International Accountability in Cyberspace

Abstract: This report reviews the state of cyber attribution and examines alternative options for producing standardized and transparent attribution that may overcome concerns about credibility. In particular, it considers the value of an independent, global organization whose mission consists of investigating and publicly attributing major cyber attacks.

Cyber Warfare and Organised Crime. A Regulatory Model and Meta-Model for Open Source Intelligence (OSINT)

Abstract: OSINT stands for Open Source Intelligence, (O)SI for (Open) Social Intelligence, and PbD for Privacy by Design. The CAPER EU project has built an OSINT solution oriented to the prevention of organized crime. How to balance freedom and security? This chapter describes a way to embed the legal and ethical issues raised by the General Data Reform Package (GDRP) in Europe into security and surveillance platforms. It focuses on the indirect strategy to flesh out ethical principles through Semantic Web Regulatory Models (SWRM), and discusses the possibility to extend them to Cyber Warfare. Institutional design and the possibility to build up a Meta-rule of law are also discussed.

Doxfare: Politically Motivated Leaks and the Future of the Norm on Non-Intervention in the Era of Weaponized Information

Abstract: Alleged Russian digital interference during the 2016 U.S. presidential election presented international law with the challenge of characterizing the phenomenon of politically motivated leaks by foreign actors, carried out in cyberspace. Traditionally, international law’s norm of nonintervention applies only to acts that are coercive in nature, leaving disruptive acts outside the scope of prohibited intervention. This notion raises a host of questions on the relevancy and limited flexibility of traditional international law in relation to new threats and challenges emanating from the use of cyberspace capabilities. The discourse on transnational cyberspace operations highlights how it has become increasingly difficult to deal with nuanced activities that cause unprecedented harms, such as the Democratic National Committee hack, as well as disinformation campaigns on social media, online propaganda, and leaking of sensitive information. This article argues that foreign actors meddling with a legitimate political process in another State through cyberspace ought to be in violation of the norm of non-intervention. Although seemingly the constitutive coercion element is absent, international law should adapt to the digital era’s threats, and consider non-coercive interferences that constitute “doxfare” – the public release of sensitive documents – with the intent of disrupting legitimate domestic processes, as violations of the norm. As this paper contends, cyberspace operations are distinct in their effects from their physical counterparts, and a traditional standard of coercion for the norm on non-intervention is outdated and requires the introduction of a more nuanced approach, that takes into account interventions that are non-coercive in nature.

Cybercrime: Definition, Typology, and Criminalization

Abstract: This chapter addresses the theme of cybercrime, providing an overall review of the basic definition, legal principles, and responses to this growing criminal justice reality. It systematically addresses the definition of cybercrime, the legal interests protected by Information and Communication Technology and Cyber Crime law. It addresses in depth the extent of criminalization, especially preparation and possession. It does focus on the issue of the challenges and limits of criminal legislation. It concludes with an analysis of the legal demands advanced by the internationalization of cyber crime, a typical characteristic of this type of crime and ends examining projected trends for the future. The chapter is documented carefully and exhaustively.

Introduction to the Special Issue on Secure Solutions for Network in Scalable Computing

Abstract: This special issue aimed at incarceration of new insights, dimensions, visionaries and accomplishments achievable for security. Security is a foremost concern in scalable computing. With the progression in ICT (Information and Communication Technologies), secure solutions are the need, as the number and kinds of attacks too are progressive. Keeping this in mind, the papers selected for this issue talks about all our visualizations from the same. In todays Internet-connected world, the advance cyber-attacks are being launched on the critical infrastructure. It has shifted the pursuit of financial profit and political gains, which lead to cyber warfare on various scales.The first paper points that malware is one of the most alarming security threats being faced by the Internet today. They have the capability to circumvent the earlier developed methods of detection and mitigation which clearly shows the need of shifting from traditional cyber security to cyber threat intelligence. Authors have proposed the design of a framework for generating malware threat intelligence which has the capability to detect, analyze, and predict the malware threats and can act as an Early Warning System (EWS). The second paper talks about the current status of sentiment analysis and opinion mining focusing on the problem of sarcasm identification and detection. The article discusses the present scenario and the problem faced by the community due to the usage of sarcasm. Authors have tried a technique based on the deep convolution neural networks where they are using a single layer convolution before the classification task and claim to have higher accuracy in the classification of sarcasm as compared to existing methods. The third paper talks about Wireless sensor networks (WSNs) that are widely used in various fields such as health monitoring, medical line, intrusion detection, and are often placed in open environment, thus vulnerable to different attacks. Various techniques were introduced to deal with security related issues of WSNs; among them trust management has been proved as an effective measure. A new protocol called Energy Efficient and Trust Aware framework for secure routing in LEACH (EETA-LEACH) has been proposed. A trust management system for WSNs has been presented to monitor the sensor nodes behaviors and evaluate their trust values based upon remaining energy, packet delivery ratio and distance. This approach is a combination of trust-based routing module and trust management module that works together to select trusted Cluster Head (CH). Simulation results have proved that proposed algorithm consumes less energy and improves packet delivery ratio. Almost all the important services are available in the application market of Android. Unfortunately, at the same time, the prosperity of these applications also attracts abusers and malicious attackers to perform different types of attacks. The fourth paper is an exploration and all-inclusive study about various approaches to perform Android applications analysis. This gives improved identification of the problem, accessible elucidation space and possible research scope to evaluate Android devices against the possible attacks. The fifth paper focused on the dynamics of worm propagation in the Wireless Sensor Networks (WSNs). Authors proposed a modified Susceptible-Infectious-Quarantined-Recovered-Susceptible (SIQRS) model based on epidemic theory and demonstrated the effect of quarantined state on worm propagation. This paper also describes the Stability of the worm free equilibrium and Endemic equilibrium, as well as, studies the effect of communication radius and node density.

An Introduction to Cyber Peacekeeping

Abstract: Peacekeeping is a noble and essential activity, helping to bring peace to conflict torn areas and providing security to millions of people around the world. Peacekeepers operate in all domains of war: buffer zones on land, no fly zones in the air and ensuring free passage at sea. With the emergence of cyberspace as a domain of war, questions on the role of peacekeeping in this domain naturally arise. There is extensive research around the topic of cyber warfare, but surprisingly little on how to restore and maintain peace in its aftermath. This is a significant gap which needs addressing. We begin by providing an overview of peacekeeping, describing its overarching goals and principles, using the United Nations model as a reference. We then review existing literature on cyber peacekeeping. The paper progresses to discuss the question of whether cyber peacekeeping is needed, and if so, if it is a plausible concept. We explore some ideas on how cyber peacekeeping could be performed and the challenges cyber peacekeepers will face, before making suggestions on where future work should be focused.

Dark web, cyber terrorism and cyber warfare: dark side of the cyberspace

Abstract: Cyberspace allows much easier access for a greater number of people, especially young people, to the propaganda of terrorist organizations and illegal activities. This kind of communication and dissemination of terrorist and criminal ideas is not only much cheaper, because it requires only an investment in a computer and access to the network, but it is anonymous, it is not spatially limited, terroristic idea and terroristic actions are performed at the same time, while the consequences can affect even more people and targets than is the case of \"offline\" criminality and terrorism. In recent years, the increasing problem that experts talk of in public is the \"dark side of surfing the internet\", the \"Dark net\" or the “Deep Web\". Cyber terrorism is a modern form of terrorism, which connects the virtual space and terrorist activity, by manipulating even more efficient methods of psychological warfare. In the cyberspace you never know who could be the next victim. Based on the characteristics of cyber terrorism and cyber warfare, it is possible to reconstruct the criminological dimensions of the terrorist attacks in cyberspace. Social networks can be used by terrorists for the purpose of psychological warfare in order to spread disinformation, fear, panic, intimidating messages and threats to the public. Since there is not a unique definition of cyber terrorism, this paper presents various definitions, implying numerous characteristics of this kind of criminal activity. The paper also pointed out to some of the international legislation that made great efforts in order to effectively counter fight cyber terrorism, both on international as well as at member state level, and emphasized the need for interstate and intergovernmental cooperation on three parallel levels: through international organizations, through multilateral and multinational platforms and through regional action.

Cyber warfare and the laws of war

Abstract: The use of cyberspace as an operational domain to wage war emerged with the development of the internet in the latter part of the twentieth century An increased reliance on the internet as the pri

Emanations of the informational state: Cyber operations and the difficulties

Abstract: >The Tallinn Manual of 2013 and its second edition, the Tallinn Manual 2.0 of 2017, are NATO-funded analyses of how existing international laws of war apply to cybersecurity and cyberwarfare. The difficulties faced by the groups of legal experts who produced these works often involve fundamental aspects of what it is to be a state altogether, challenging the survival of the state as a dominant political form altogether. These developments, in turn, provide significant challenges to the survival of the Westphalian system within which states have been defined for almost 500 years. This article thinks through the Tallinn manuals from the lens of what debates over the appropriate legal treatment of cyber operations under international law tells us about how the state is being experienced and understood in the second decade of the twenty-first century. Comparative analysis of the first and second editions of the Manual shows that just what the informational state is, what it can do, and what it should be allowed to do is becoming less clear, not more, over time.

Cyber warfare conflict analysis and case studies

Abstract: "The supreme art of war is to subdue the enemy without fighting." Sun Tsufrom "The Art of War" Believed to have lived between 770 and 476 B.C In the age of code wars, have our lives changed for the better? Are we any safer than the bloody wars or the cold wars from the past? Is there any more guarantee now in a cyber age than in a kinetic age involving human forces? These are the types of questions that have little answers due to the secret nature of the operation. State-sponsored activities are commonplace. Whenever there is involvement by a state, the stakes are higher, and loss of life can never be ruled out. The objective of this thesis was to research historical cyber-warfare incidents from the past to current and map the relevant cyber-warfare data in a well-known framework called CASCON, which is a history-based conflict analysis and decision-support system. The CASCON-based analysis for cyber incidents revealed a larger picture of the world we live in and how easily that world could change. The information contained in this thesis is not meant to be conclusive, but a study of statesponsored cyber cases using MIT's CASCON to map and categorize information for future learning about conflicts involving states. It is the purpose of this thesis to (a) research historical cyber-warfare incidents and (b) map cyber-warfare incidents into a framework. Thesis Advisor: Stuart Madnick Title: John Norris Maguire Professor of Information Technology, MIT Sloan School of Management & Professor of Engineering Systems, MIT School of Engineering Thesis Advisor: Allen Moulton Title: Research Scientist, Sociotechnical Systems Research Center

Western Denial and Russian Control. How Russia’s National Security Strategy Threatens a Western-Based Approach to Global Security, the Rule of Law and Globalization

Abstract: The Russian National Security Strategy of 2015 aims at achieving autarky from Western influences on global security, the rule of law and global trade Russia aims at attaining this by applying a ho

Tactical Cyber: Building a Strategy for Cyber Support to Corps and Below

Abstract: : This report documents research conducted as part of the project Building a Strategy for Cyber Support to Corps and Below. RAND Arroyo Center was asked by U.S. Army Cyber Commands G35 office to develop and document an Army strategy for providing cyber support to corps and below (CSCB) units that describes how the Army should use its available resources to achieve mission objectives. CSCB is synonymous with tactical cyber operations: Both refer to actions in and through the cyberspace domain in support of tactical operations. CSCB is of increasing importance as the Army and other services develop strategies to seamlessly incorporate actions in the cyberspace domain with activities in the traditional warfighting domains (land, air, maritime, and space).

Foundations of Homeland Security : Law and Policy

Abstract: 1 Introduction. 2 The Strategic Environment. 3 Homeland Security Council. 4 Intelligence Gathering. 5 The Department of Homeland Security. 6 The Federal Emergency Management Agency. 7 National Security Strategy of the United States of America, March 2006. 8 National Strategy for Combating Terrorism, September, 2006. 9 National Strategy for Homeland Security, October 2007. 10 Border Security. 11 Critical Infrastructure Protection. 12 Cyber Security. 13 Agriculture and Food. 14 Transportation Security. A. Overview. B. Aviation Security. C. Maritime Transportation Security. D. Rail Transportation. E. Trucking. F. Bus. 15 Weapons of Mass Destruction. 16 Biodefense and WMD Medical Countermeasures. 17 National Continuity Policy. 18 Identification Issues. A. Terrorist Screening: Biometrics for Identification. B. Real ID. C. Common Identification for Federal Employees. 19 Emergency Preparedness and Response. 20 National Incident Management System (NIMS). 21 National Response Framework. 22 Authority to Use Military Force. 23 Detention and Treatment of Terrorists. 24 Resiliency and a Culture of Preparedness. 25 European Homeland Security: A Work in Progress (John L. Clarke). 26 China and Japan: Approaches to Domestic and Transnational Terrorism (Manuel Manriquez). 27 Teaching Ideas. Index.

Cyber Power Potential of the Army's Reserve Component

Abstract: The military services are formalizing and bolstering their contribution to the nation's cyber force. This report identifies the number of Army reserve component (RC) personnel with cyber skills, to help identify ways in which these soldiers can be leveraged to conduct Army cyber operations. This report also describes the broader challenges and opportunities that the use of RC personnel presents.

Dynamics of Decision Making in Cyber Defense: Using Multi-agent Cognitive Modeling to Understand CyberWar

Abstract: Information technology is the center of gravity of everyday human activity. From the eyes of a citizen, a company, or a nation, successful every day activities need to be conducted while being aware of cyber security and protection, aiming to anticipate possible criminal activities that would damage our property (both physical and intellectual) and our privacy. Cyberwar has become an important threat to our national security, involving malicious activities across nation-wide organizations in offensive and defensive operations, and cyber-attacks are now part of everyday news.

A Research Agenda to Improve Decision Making in Cyber Security Policy

Abstract: Part of the Diplomatic History Commons, History of Science, Technology, and Medicine Commons, International and Area Studies Commons, International Law Commons, International Trade Law Commons, Law and Politics Commons, Military, War, and Peace Commons, National Security Law Commons, Political Science Commons, Public Affairs, Public Policy and Public Administration Commons, Rule of Law Commons, Social History Commons, and the Transnational Law Commons

The Hierarchy of Cyber War Definitions

Abstract: With the advent of militaries declaring cyberspace as the fifth domain of military warfare, those modern societies that are heavily dependent on its reliable operation need to have a clear understanding of the actors and future activities brought about by this new doctrine. Knowing what is meant by the terms ‘cyber war’ and ‘cyber warfare’ is critical to navigating a path forward in preparing for and mitigating the effects caused by such activities. In this paper, the authors identified and analysed 159 documents containing the definitions for these terms in order to discern definitional origins, patterns of usage and the relative trends that emerge as a result. From this analysis, we construct a discourse hierarchy of cyber war and cyber warfare definitions, both as a representation of the findings as well as a basis for incorporating future works into the larger context of the domain.

Military-based cyber risk assessment framework for supporting cyber warfare in Thailand

Abstract: Information Technology (IT) Risk Management is designed to confirm the sufficiency of information security.There are many risk management/assessment standards, e.g. IS0 27005:2011 and NIST SP 800-30rev1, which are mainly designed for general organizations such as governments or businesses. Cyber risk assessment focused on military strategy has been rarely studied.Hence, this paper presents an innovative cyber risk assessment conceptual framework named “Cyber Risk Assessment (CRA)” which is extended from previous work with Military Risk Evaluation (MRE).This proposed CRA is the collection and integration of both quantitative and qualitative data.The Vulnerability Detection (VD) tools in Network Risk Evaluation (the previous studies) were used for the quantitative data collection and the focus group in the MRE (the proposed method) was used to collect qualitative data, which enhance the general risk assessment standard to achieve the objective of the research.The complexity of cyberspace domains with a military perspective is thoughtfully contemplated into the cyber risk assessment for national cyber security.Results of the proposed framework enable the possibility of cyber risk evaluation into score for national cyber security planning.

Military Objectives in Cyber Warfare

Abstract: This Chapter discusses the possible problems arising from the application of the principle of distinction under the law of armed conflict to cyber attacks. It first identifies when cyber attacks qualify as ‘attacks’ under the law of armed conflict and then examines the two elements of the definition of ‘military objective’ contained in Article 52(2) of the 1977 Protocol I additional to the 1949 Geneva Conventions on the Protection of Victims of War. The Chapter concludes that this definition is flexible enough to apply in the cyber context without significant problems and that none of the challenges that characterize cyber attacks hinders the application of the principle of distinction.

Organising cyber security in Australia and beyond

Abstract: The Internet is an interconnected network and cyber security requires collective action How that action is organised has important implications for national security, including the defence against cyber attacks and malicious activities This article explains the origins and institutionalisation of cyber security in Australia—particularly ‘civilian cyber security’ The authors trace the origin of Australia’s first computer emergency response team and explain how this organisational form spread from the USA Through it, Australia helped enable international cooperation Domestically, however, the authors argue that the Australian government has struggled with the delegation, orchestration and abdication of responsibility for civilian cyber security, underinvesting in civilian organisations while overrelying on military and intelligence agencies The history of this organisational field provides valuable insight into how to improve national policy and operations for cyber security